Learn your way! Get started

SCS-C01: AWS Certified Security Specialist, Part 4 of 6: Identity and Access MGMT

with expert Zeal Vora


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 8/11/2022
Level Intermediate
Runtime 6h 44m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code Included
Exams N/A


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

Amazon Web Services Certified Security Specialty is an exam intended to validate an individuals experience in a security role. This course covers Domain 4 Identity and Access Management which counts for 20% of the exam.

Prerequisites

two years of hands-on experience securing AWS and 5 years or more in IT security experience designing and implementing security solutions.

Meet the expert

Zeal works primarily as a Cloud Security Consultant guiding organizations to re-build their infrastructure with security in mind. Zeal also holds more then 13+ certifications ranging from RedHat Certified Architect to AWS Security.

Course outline



Module 11

AWS Organizations (30:48)
  • Introduction (00:08)
  • AWS Organizations (07:06)
  • Demo: AWS Organizations (05:40)
  • OU in AWS Organization (06:11)
  • IAM Policy Evaluation Logic (11:33)
  • Summary (00:08)
Identiy and Resource Based Policy (53:08)
  • Introduction (00:08)
  • Identity and Resource Based Policy (07:47)
  • Access Management (15:05)
  • StartStop EC2 (11:56)
  • Identity Account Architecture (09:21)
  • Cross Account IAM Practical (08:42)
  • Summary (00:08)

Module 12

External ID in Delegation (29:36)
  • Introduction (00:08)
  • External ID (09:26)
  • EC2 Instance Metadata (07:44)
  • IAM Role (07:38)
  • How IAM Role Works (04:30)
  • Summary (00:08)
IPTABLES and Instance Meta-data (31:41)
  • Introduction (00:08)
  • IPTABLES and Instance Metadata (05:25)
  • IAM Policy Element (09:56)
  • IAM Policy Variables (04:43)
  • Principal and NotPrincipal (07:25)
  • Demo: NotPrincipal Element (03:55)
  • Summary (00:08)
Condition Element (37:04)
  • Introduction (00:08)
  • Condition Element (07:08)
  • AWS STS (16:55)
  • Federation (12:44)
  • Summary (00:08)

Module 13

SAML (30:22)
  • Introduction (00:08)
  • SAML (10:37)
  • AWS SSO (06:17)
  • Implementing AWS SSO (08:06)
  • Integrate AWS CLI with SSO (05:05)
  • Summary (00:08)
AWS Cognito (31:51)
  • Introduction (00:08)
  • Amazon Cognito (07:48)
  • Active Directory - Integration (04:13)
  • AWS Directory Service (08:41)
  • Domain Join EC2 with Simple AD (10:51)
  • Summary (00:08)

Module 14

Trusts in Active Directory (37:53)
  • Introduction (00:08)
  • Trusts in Active Directory (07:26)
  • S3 Bucket Policy (12:09)
  • Regaining Access to Locked S3 Bucket (05:09)
  • Cross Account S3 Access (12:52)
  • Summary (00:08)
Canned ACL (41:06)
  • Introduction (00:08)
  • Canned ACL (08:55)
  • Presigned URLs (08:57)
  • S3 Versioning (09:48)
  • S3 Cross Region Replication (04:16)
  • S3 Object Lock (08:52)
  • Summary (00:08)

Module 15

MFA Protected API Access (26:22)
  • Introduction (00:08)
  • MFA Protected API Access (09:56)
  • IAM Permission Boundary (09:39)
  • IAM and S3 (06:31)
  • Summary (00:08)
Troubleshooting IAM Policies (21:39)
  • Introduction (00:08)
  • Troubleshooting IAM Policies (01:46)
  • Troubleshooting Solution - Policy 01 (04:46)
  • Troubleshooting Solution - Policy 02 (05:28)
  • Troubleshooting Solution - Policy 03 (04:24)
  • Troubleshooting Solution - Policy 04 (01:24)
  • Troubleshooting Solution - Policy 05 (03:32)
  • Summary (00:08)
AWS Control Tower (32:55)
  • Introduction (00:08)
  • AWS Control Tower (15:27)
  • Service Role and Pass Role (12:42)
  • Amazon Workmail (04:28)
  • Summary (00:08)